Director of National Intelligence James Clapper calls cyber-attacks a top national security concern, but these U.S. alarms sound hypocritical after the joint U.S.-Israeli cyber-sabotage of Iran’s nuclear industry, as Dutch computer expert Arjen Kamphuis explains.
From wired.com — Legal Experts: Stuxnet Attack on Iran Was Illegal ‘Act of Force’
A cyberattack that sabotaged Iran’s uranium enrichment program was an “act of force” and was likely illegal, according to research commissioned by a NATO defense center.
“Acts that kill or injure persons or destroy or damage objects are unambiguously uses of force” and likely violate international law, according to the Tallinn Manual on the International Law Applicable to Cyber Warfare, a study produced by a group of independent legal experts at the request of NATO’s Cooperative Cyber Defense Center of Excellence in Estonia.
By Arjen Kamphuis -
A few years ago, Israeli and American intelligence developed a computer virus with a specific military objective: damaging Iranian nuclear facilities. Stuxnet was spread via USB sticks and settled silently on Windows PCs. From there it looked into networks for specific industrial centrifuges using Siemens SCADA control devices spinning at high-speed to separate Uranium-235 (the bomb stuff) from Uranium-238 (the non-bomb stuff).
Iran, like many other countries, has a nuclear program for power generation and the production of isotopes for medical applications. Most countries buy the latter from specialists like the Netherlands that produces medical isotopes in a special reactor. The Western boycott of Iran makes it impossible for Iran to purchase isotopes on the open market. Making them yourself is far from ideal, but the only option that remains.
Why the boycott? Officially, according to the U.S., it’s because Iran won’t give sufficient openness about its weapons programs, in particular, military applications of its nuclear program. This concern is fairly recent and, for some reason, has only been reactivated after the U.S. attack on Iraq in 2003 (a lot of the original nuclear equipment in Iran was supplied by American and German companies with funding from the World Bank before the 1979 revolution).
The most curious aspect of the West’s allegations about Iran is that they are never more than vague insinuations. When all 16 U.S. intelligence agencies in 2007 produced a joint study there was a clear conclusion: Iran is not developing a nuclear weapon. (To see a recent speech by the leader of this study, click here.)
And that’s what’s strange. For if the 16 American intelligence services and their Israeli colleagues, the Mossad, can all agree that Iran is not making nuclear weapons, how do you justify an attack against Iran’s civilian industrial infrastructure via the Stuxnet computer virus? And this is the equivalent of a military attack as would be clear if you consider what would happen if Iran had been caught in a cyber-attack on Western installations in Borssele or Indian Point.
Stuxnet is designed for a single purpose: the damage of nuclear enrichment facilities in Iran, a country that may just be performing these activities in accordance with the international agreements stipulated in the Non-Proliferation Treaty. Iran, like most other countries in the world, signed this Convention. The countries outside the NPT are Israel, India, Pakistan, North Korea (which withdrew) and the newly independent South Sudan.
Under the NPT, a civilian nuclear industry is allowed, a detail that sometimes escapes the attention of editors. I’m not saying the Iranian government is filled with darlings, but Iran has not attacked anyone in the past 200 years, unlike some NATO countries. Read the rest of this entry →